Authentik-SSO App for Nethserver 8

oneitonitram · April 12, 2024, 6:55am

I am curious about this issue.

Assume i have the one ldap provide rin nethserver for user autnehtication in nextcloud.

I deploy authentik, using the same ldap provider for user authentication, with a user named martin

if the user from ldap named martin is different rom the user named martin directly from ldap.

then lets add another sso provider, say Zitadel, with user martin, originating from ldap.

will that user also be different with different uuid.

if this is situation at hand, how can this phenomena be resolved.

i believe all should have same user parameter, being they originate from same ldap provider si it not?

dan · April 12, 2024, 9:38am

That is the $64,000 question.

oneitonitram · April 12, 2024, 10:37am

if i could be given that kind of money just for he problem, i think i could figure out the problem and resolve it, otherwise, wishful thinking…

i am curious though @dan why that figure specifically

dan · April 12, 2024, 10:44am

oneitonitram · July 26, 2024, 2:21pm

Authentik MAppings

Name

lldap

Slug

lldap

Enabled
Sync Users
User password writeback
Sync groups

Connection settings

Server URI

ldap://lldap:3890

Enable StartTLS

TLS Verification Certificate

---------

Bind CN

uid=admin,ou=people,dc=example,dc=com

Bind Password

ADMIN_PASSWORD

Base DN

dc=example,dc=com

LDAP Attribute mapping

User Property Mappings

authentik default LDAP Mapping: mail
authentik default LDAP Mapping: Name
authentik default Active Directory Mapping: givenName
authentik default Active Directory Mapping: sAMAccountName
authentik default Active Directory Mapping: sn
authentik default Active Directory Mapping: userPrincipalName
authentik default OpenLDAP Mapping: cn
authentik default OpenLDAP Mapping: uid

Group Property Mappings

authentik default LDAP Mapping: mail
authentik default LDAP Mapping: Name
authentik default Active Directory Mapping: givenName
authentik default Active Directory Mapping: sAMAccountName
authentik default Active Directory Mapping: sn
authentik default Active Directory Mapping: userPrincipalName
authentik default OpenLDAP Mapping: cn
authentik default OpenLDAP Mapping: uid

Additional settings

Group

---------

User path

LDAP/users

Addition User DN

ou=people

Addition Group DN

ou=groups

User object filter

(objectClass=person)

Group object filter

(objectClass=groupOfUniqueNames)

Group membership field

member

Object uniqueness field

uid

oneitonitram · September 5, 2024, 8:20am

Some basic configs for stirling pdf, paperless and outline

oneitonitram · February 26, 2025, 12:11am

Authentik has released the Remote Access COntrol Features with SSH and RDP as Opensource features in New version

Remote Access Control in Open Source + Enterprise Plan Updates | authentik

currently testing the new version,

Released Release 1.0.0 · geniusdynamics/ns8-goauthentik

dan · February 26, 2025, 2:20pm

Installed 1.0 on my NS8 prod system, got the cert, logged in, all good. Set up to sync to the NS8 OpenLDAP server following the instructions here: Authentik-SSO App for Nethserver 8 - #70 by LayLow and subsequent.

To add a little clarity:

In Authentik’s admin dashboard, go to Directory (on the left sidebar) → Federation and Social login, click Create, select LDAP Source, click Next
For Name, enter whatever you like (I used NS8 OpenLDAP)
The slug will populate automatically
Turn off Sync Groups
The Server URI can be found in the NS8 cluster admin, domains and users, and the provider you’re using; prefix with ldap://. For me, this was ldap://10.5.4.1:20018
Turn off Enable StartTLS
Set Bind CN to the Bind DN shown in the cluster-admin domains and users page, password and Base DN also to the values on that page.
Under LDAP Attribute mapping → User Property Mappings, add cn and uid to the Selected User Property Mappings
Under Additional Settings, Object uniqueness field, enter uid.
Click Finish

dan · February 26, 2025, 10:38pm

…and a few hours later, Authentik reports there’s a new version available.

oneitonitram · February 27, 2025, 7:41am

this version Release 2025.2 | authentik

should be able to update at night… after testing the update ofcourse…

dan · April 9, 2025, 1:45pm

It’s six weeks later, and we’re now at:

Is this going to be updated?

stephdl · April 10, 2025, 11:47am

In the .config/state/environment file you can try to adjust the updated version, once done you can restart the service

oneitonitram · April 10, 2025, 4:03pm

Don’t do. It just yet kindly. It’s gointto be updated. I had raced a major personal matter that affected me for an entire month. That’s why I wasn’t available. Still working on recovery measures as well.

oneitonitram · July 22, 2025, 11:14am

Could you Kindly Help test Updates to the New Version.
geniusdynamics/ns8-goauthentik at dev

On a New Authentik Setup, after configuration, Update to the current Dev Version, with some sample dummy data.

api-cli run update-module --data '{"module_url":"ghcr.io/compgeniuses/goauthentik:dev","instances":["goauthentik1"],"force":true}'.

Do not Update your production version yet, untill update is validated…

kemboielvis22 · August 21, 2025, 12:37am

I have tested update and backup restore and it seems good
Will be releasing authentik v2025.8.0

dan · August 26, 2025, 9:03am

App v 2.0 seems to break the admin user, though curiously the OIDC/LDAP configuration still seems to work. Looking for “error” in the logs, I get this:

2025-08-26T05:00:52-04:00 [1:goauthentik1:goauthentik-app] {"event": "Internal Server Error: /api/v3/core/brands/", "exception": [{"exc_notes": [], "exc_type": "PermissionError", "exc_value": "[Errno 13] Permission denied: '/dev/shm/counter_2.db'", "exceptions": [], "frames": [{"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/sync.py", "lineno": 489, "locals": {"args": "'(functools.partial(<function response_for_exception at 0x7fe47eda6b60>, <ASGIReq'+99", "exc_info": "\"(<class 'PermissionError'>, PermissionError(13, 'Permission denied'), <traceback\"+27", "func": "<built-in method run of _contextvars.Context object at 0x7fe473ddd1c0>", "kwargs": "{}", "loop": "<uvloop.Loop running=True closed=False debug=False>", "self": "<asgiref.sync.SyncToAsync object at 0x7fe47658bbd0>", "task_context": "[]"}, "name": "thread_handler"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django/core/handlers/exception.py", "lineno": 42, "locals": {"exc": "PermissionError(13, 'Permission denied')", "get_response": "'<django_prometheus.middleware.PrometheusAfterMiddleware object at 0x7fe474e7b380'+1", "request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>"}, "name": "inner"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/sentry_sdk/integrations/django/asgi.py", "lineno": 243, "locals": {"_check_middleware_span": "<function _wrap_middleware.<locals>._check_middleware_span at 0x7fe4735e8540>", "args": "(<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>,)", "f": "'<bound method MiddlewareMixin.__acall__ of <PrometheusAfterMiddleware get_respon'+36", "kwargs": "{}", "middleware_span": "\"<Span(op='middleware.django', description:'django_prometheus.middleware.Promethe\"+180", "self": "'<django_prometheus.middleware.PrometheusAfterMiddleware object at 0x7fe474e7b380'+1"}, "name": "__acall__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django/utils/deprecation.py", "lineno": 141, "locals": {"request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>", "response": "None", "self": "<PrometheusAfterMiddleware get_response=BaseHandler._get_response_async>"}, "name": "__acall__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/sync.py", "lineno": 439, "locals": {"args": "(<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>,)", "child": "'functools.partial(<bound method PrometheusAfterMiddleware.process_request of <Pr'+135", "context": "<_contextvars.Context object at 0x7fe474f77b80>", "current_thread_executor": "<asgiref.current_thread_executor.CurrentThreadExecutor object at 0x7fe4754f4fa0>", "exec_coro": "<Future finished exception=PermissionError(13, 'Permission denied')>", "executor": "<asgiref.current_thread_executor.CurrentThreadExecutor object at 0x7fe4754f4fa0>", "func": "<built-in method run of _contextvars.Context object at 0x7fe474f77b80>", "kwargs": "{}", "loop": "<uvloop.Loop running=True closed=False debug=False>", "self": "<asgiref.sync.SyncToAsync object at 0x7fe4754744b0>", "task_context": "[]"}, "name": "__call__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/current_thread_executor.py", "lineno": 40, "locals": {"self": "None"}, "name": "run"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/sync.py", "lineno": 493, "locals": {"args": "'(functools.partial(<bound method PrometheusAfterMiddleware.process_request of <P'+138", "exc_info": "(None, None, None)", "func": "<built-in method run of _contextvars.Context object at 0x7fe474f77b80>", "kwargs": "{}", "loop": "<uvloop.Loop running=True closed=False debug=False>", "self": "<asgiref.sync.SyncToAsync object at 0x7fe4754744b0>", "task_context": "[]"}, "name": "thread_handler"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django_prometheus/middleware.py", "lineno": 218, "locals": {"method": "'GET'", "request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>", "self": "<PrometheusAfterMiddleware get_response=BaseHandler._get_response_async>", "transport": "'http'"}, "name": "process_request"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django_prometheus/middleware.py", "lineno": 213, "locals": {"labels": "{'method': 'GET'}", "metric": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)", "request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>", "response": "None", "self": "<PrometheusAfterMiddleware get_response=BaseHandler._get_response_async>"}, "name": "label_metric"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/metrics.py", "lineno": 179, "locals": {"labelkwargs": "{'method': 'GET'}", "labelvalues": "('GET',)", "self": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)"}, "name": "labels"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/metrics.py", "lineno": 127, "locals": {"_labelvalues": "('GET',)", "documentation": "'Count of requests by method.'", "labelnames": "('method',)", "name": "'django_http_requests_total_by_method'", "namespace": "''", "registry": "<prometheus_client.registry.CollectorRegistry object at 0x7fe485797a10>", "self": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)", "subsystem": "''", "unit": "''"}, "name": "__init__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/metrics.py", "lineno": 282, "locals": {"self": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)"}, "name": "_metric_init"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/values.py", "lineno": 68, "locals": {"help_text": "'Count of requests by method.'", "kwargs": "{}", "labelnames": "('method',)", "labelvalues": "('GET',)", "lock": "<unlocked _thread.lock object at 0x7fe473e8a090>", "metric_name": "'django_http_requests_total_by_method'", "multiprocess_mode": "''", "name": "'django_http_requests_total_by_method_total'", "self": "'<prometheus_client.values.MultiProcessValue.<locals>.MmapedValue object at 0x7fe'+10", "typ": "'counter'", "values": "'[<prometheus_client.values.MultiProcessValue.<locals>.MmapedValue object at 0x7f'+288"}, "name": "__init__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/values.py", "lineno": 82, "locals": {"file_prefix": "'counter'", "filename": "'/dev/shm/counter_2.db'", "files": "{'gauge_all': <prometheus_client.mmap_dict.MmapedDict object at 0x7fe474cde8f0>}", "help_text": "'Count of requests by method.'", "labelnames": "('method',)", "labelvalues": "('GET',)", "metric_name": "'django_http_requests_total_by_method'", "multiprocess_mode": "''", "name": "'django_http_requests_total_by_method_total'", "pid": "{'value': 2}", "self": "'<prometheus_client.values.MultiProcessValue.<locals>.MmapedValue object at 0x7fe'+10", "typ": "'counter'"}, "name": "__reset"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/mmap_dict.py", "lineno": 64, "locals": {"filename": "'/dev/shm/counter_2.db'", "read_mode": "False", "self": "<prometheus_client.mmap_dict.MmapedDict object at 0x7fe4745b67d0>"}, "name": "__init__"}], "is_cause": false, "is_group": false, "syntax_error": null}], "level": "error", "logger": "django.request", "timestamp": "2025-08-26T09:00:52.870097"}
2025-08-26T05:00:52-04:00 [1:goauthentik1:goauthentik-app] {"error":"500 Internal Server Error","event":"failed to fetch page","level":"warning","logger":"authentik.router.brand_tls","page":1,"timestamp":"2025-08-26T09:00:52Z"}
2025-08-26T05:00:52-04:00 [1:goauthentik1:goauthentik-app] {"error":"500 Internal Server Error","event":"failed to get brands","level":"warning","logger":"authentik.router.brand_tls","timestamp":"2025-08-26T09:00:52Z"}

oneitonitram · August 26, 2025, 4:38pm

Admin user for authentik, or admin user from your ad account.

By breaking do you mean you’re unable to. Login using admin users, that was previously possible to do so.

Beyond changing admin user: username are there anything else you had modified to help us look into it?

dan · August 26, 2025, 4:41pm

I don’t use AD. It’s the akadmin user.

Correct. akadmin is unable to log in, the system returning an Internal Server Error. An API key associated with akadmin also fails to authenticate (it is, or was, feeding API stats to Homepage).

I haven’t changed that username. I’ve configured it to connect to the OpenLDAP directory on my NS8 instance, and configured a number of applications (including passwordless authentication using passkeys), but all through its UI. No other changes that I can recall.

oneitonitram · August 26, 2025, 4:50pm

OK thank you, in our tests we did not experience this. Allow us to retest and revert if we notice something and a fix..

Did you configure after updating?

dan · August 26, 2025, 4:57pm

As in, (re)save the settings in the NS8 UI? No; I could try that.

Having tried that, now the situation is worse–I’m now unable to log in as any user. Here are the last few lines of the log containing “error”:

2025-08-26T13:00:51-04:00 [1:goauthentik1:goauthentik-app] {"event": "Internal Server Error: /api/v3/core/brands/", "exception": [{"exc_notes": [], "exc_type": "PermissionError", "exc_value": "[Errno 13] Permission denied: '/dev/shm/counter_2.db'", "exceptions": [], "frames": [{"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/sync.py", "lineno": 489, "locals": {"args": "'(functools.partial(<function response_for_exception at 0x7fe47eda6b60>, <ASGIReq'+99", "exc_info": "\"(<class 'PermissionError'>, PermissionError(13, 'Permission denied'), <traceback\"+27", "func": "<built-in method run of _contextvars.Context object at 0x7fe473b77900>", "kwargs": "{}", "loop": "<uvloop.Loop running=True closed=False debug=False>", "self": "<asgiref.sync.SyncToAsync object at 0x7fe4736542f0>", "task_context": "[]"}, "name": "thread_handler"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django/core/handlers/exception.py", "lineno": 42, "locals": {"exc": "PermissionError(13, 'Permission denied')", "get_response": "'<django_prometheus.middleware.PrometheusAfterMiddleware object at 0x7fe474e7b380'+1", "request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>"}, "name": "inner"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/sentry_sdk/integrations/django/asgi.py", "lineno": 243, "locals": {"_check_middleware_span": "<function _wrap_middleware.<locals>._check_middleware_span at 0x7fe4735e8540>", "args": "(<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>,)", "f": "'<bound method MiddlewareMixin.__acall__ of <PrometheusAfterMiddleware get_respon'+36", "kwargs": "{}", "middleware_span": "\"<Span(op='middleware.django', description:'django_prometheus.middleware.Promethe\"+180", "self": "'<django_prometheus.middleware.PrometheusAfterMiddleware object at 0x7fe474e7b380'+1"}, "name": "__acall__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django/utils/deprecation.py", "lineno": 141, "locals": {"request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>", "response": "None", "self": "<PrometheusAfterMiddleware get_response=BaseHandler._get_response_async>"}, "name": "__acall__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/sync.py", "lineno": 439, "locals": {"args": "(<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>,)", "child": "'functools.partial(<bound method PrometheusAfterMiddleware.process_request of <Pr'+135", "context": "<_contextvars.Context object at 0x7fe474fe4400>", "current_thread_executor": "<asgiref.current_thread_executor.CurrentThreadExecutor object at 0x7fe474ede510>", "exec_coro": "<Future finished exception=PermissionError(13, 'Permission denied')>", "executor": "<asgiref.current_thread_executor.CurrentThreadExecutor object at 0x7fe474ede510>", "func": "<built-in method run of _contextvars.Context object at 0x7fe474fe4400>", "kwargs": "{}", "loop": "<uvloop.Loop running=True closed=False debug=False>", "self": "<asgiref.sync.SyncToAsync object at 0x7fe473c502f0>", "task_context": "[]"}, "name": "__call__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/current_thread_executor.py", "lineno": 40, "locals": {"self": "None"}, "name": "run"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/sync.py", "lineno": 493, "locals": {"args": "'(functools.partial(<bound method PrometheusAfterMiddleware.process_request of <P'+138", "exc_info": "(None, None, None)", "func": "<built-in method run of _contextvars.Context object at 0x7fe474fe4400>", "kwargs": "{}", "loop": "<uvloop.Loop running=True closed=False debug=False>", "self": "<asgiref.sync.SyncToAsync object at 0x7fe473c502f0>", "task_context": "[]"}, "name": "thread_handler"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django_prometheus/middleware.py", "lineno": 218, "locals": {"method": "'GET'", "request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>", "self": "<PrometheusAfterMiddleware get_response=BaseHandler._get_response_async>", "transport": "'http'"}, "name": "process_request"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django_prometheus/middleware.py", "lineno": 213, "locals": {"labels": "{'method': 'GET'}", "metric": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)", "request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>", "response": "None", "self": "<PrometheusAfterMiddleware get_response=BaseHandler._get_response_async>"}, "name": "label_metric"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/metrics.py", "lineno": 179, "locals": {"labelkwargs": "{'method': 'GET'}", "labelvalues": "('GET',)", "self": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)"}, "name": "labels"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/metrics.py", "lineno": 127, "locals": {"_labelvalues": "('GET',)", "documentation": "'Count of requests by method.'", "labelnames": "('method',)", "name": "'django_http_requests_total_by_method'", "namespace": "''", "registry": "<prometheus_client.registry.CollectorRegistry object at 0x7fe485797a10>", "self": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)", "subsystem": "''", "unit": "''"}, "name": "__init__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/metrics.py", "lineno": 282, "locals": {"self": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)"}, "name": "_metric_init"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/values.py", "lineno": 68, "locals": {"help_text": "'Count of requests by method.'", "kwargs": "{}", "labelnames": "('method',)", "labelvalues": "('GET',)", "lock": "<unlocked _thread.lock object at 0x7fe473e8a090>", "metric_name": "'django_http_requests_total_by_method'", "multiprocess_mode": "''", "name": "'django_http_requests_total_by_method_total'", "self": "'<prometheus_client.values.MultiProcessValue.<locals>.MmapedValue object at 0x7fe'+10", "typ": "'counter'", "values": "'[<prometheus_client.values.MultiProcessValue.<locals>.MmapedValue object at 0x7f'+288"}, "name": "__init__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/values.py", "lineno": 82, "locals": {"file_prefix": "'counter'", "filename": "'/dev/shm/counter_2.db'", "files": "{'gauge_all': <prometheus_client.mmap_dict.MmapedDict object at 0x7fe474cde8f0>}", "help_text": "'Count of requests by method.'", "labelnames": "('method',)", "labelvalues": "('GET',)", "metric_name": "'django_http_requests_total_by_method'", "multiprocess_mode": "''", "name": "'django_http_requests_total_by_method_total'", "pid": "{'value': 2}", "self": "'<prometheus_client.values.MultiProcessValue.<locals>.MmapedValue object at 0x7fe'+10", "typ": "'counter'"}, "name": "__reset"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/mmap_dict.py", "lineno": 64, "locals": {"filename": "'/dev/shm/counter_2.db'", "read_mode": "False", "self": "<prometheus_client.mmap_dict.MmapedDict object at 0x7fe4744bb050>"}, "name": "__init__"}], "is_cause": false, "is_group": false, "syntax_error": null}], "level": "error", "logger": "django.request", "timestamp": "2025-08-26T17:00:51.476620"}
2025-08-26T13:00:51-04:00 [1:goauthentik1:goauthentik-app] {"error":"500 Internal Server Error","event":"failed to fetch page","level":"warning","logger":"authentik.router.brand_tls","page":1,"timestamp":"2025-08-26T17:00:51Z"}
2025-08-26T13:00:51-04:00 [1:goauthentik1:goauthentik-app] {"error":"500 Internal Server Error","event":"failed to get brands","level":"warning","logger":"authentik.router.brand_tls","timestamp":"2025-08-26T17:00:51Z"}
2025-08-26T13:00:52-04:00 [1:goauthentik1:goauthentik-app] {"event": "Internal Server Error: /api/v3/core/brands/", "exception": [{"exc_notes": [], "exc_type": "PermissionError", "exc_value": "[Errno 13] Permission denied: '/dev/shm/counter_2.db'", "exceptions": [], "frames": [{"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/sync.py", "lineno": 489, "locals": {"args": "'(functools.partial(<function response_for_exception at 0x7fe47eda6b60>, <ASGIReq'+99", "exc_info": "\"(<class 'PermissionError'>, PermissionError(13, 'Permission denied'), <traceback\"+27", "func": "<built-in method run of _contextvars.Context object at 0x7fe47578f500>", "kwargs": "{}", "loop": "<uvloop.Loop running=True closed=False debug=False>", "self": "<asgiref.sync.SyncToAsync object at 0x7fe473d7ac10>", "task_context": "[]"}, "name": "thread_handler"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django/core/handlers/exception.py", "lineno": 42, "locals": {"exc": "PermissionError(13, 'Permission denied')", "get_response": "'<django_prometheus.middleware.PrometheusAfterMiddleware object at 0x7fe474e7b380'+1", "request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>"}, "name": "inner"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/sentry_sdk/integrations/django/asgi.py", "lineno": 243, "locals": {"_check_middleware_span": "<function _wrap_middleware.<locals>._check_middleware_span at 0x7fe4735e8540>", "args": "(<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>,)", "f": "'<bound method MiddlewareMixin.__acall__ of <PrometheusAfterMiddleware get_respon'+36", "kwargs": "{}", "middleware_span": "\"<Span(op='middleware.django', description:'django_prometheus.middleware.Promethe\"+180", "self": "'<django_prometheus.middleware.PrometheusAfterMiddleware object at 0x7fe474e7b380'+1"}, "name": "__acall__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django/utils/deprecation.py", "lineno": 141, "locals": {"request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>", "response": "None", "self": "<PrometheusAfterMiddleware get_response=BaseHandler._get_response_async>"}, "name": "__acall__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/sync.py", "lineno": 439, "locals": {"args": "(<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>,)", "child": "'functools.partial(<bound method PrometheusAfterMiddleware.process_request of <Pr'+135", "context": "<_contextvars.Context object at 0x7fe474d5e340>", "current_thread_executor": "<asgiref.current_thread_executor.CurrentThreadExecutor object at 0x7fe474ede0b0>", "exec_coro": "<Future finished exception=PermissionError(13, 'Permission denied')>", "executor": "<asgiref.current_thread_executor.CurrentThreadExecutor object at 0x7fe474ede0b0>", "func": "<built-in method run of _contextvars.Context object at 0x7fe474d5e340>", "kwargs": "{}", "loop": "<uvloop.Loop running=True closed=False debug=False>", "self": "<asgiref.sync.SyncToAsync object at 0x7fe473d58670>", "task_context": "[]"}, "name": "__call__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/current_thread_executor.py", "lineno": 40, "locals": {"self": "None"}, "name": "run"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/asgiref/sync.py", "lineno": 493, "locals": {"args": "'(functools.partial(<bound method PrometheusAfterMiddleware.process_request of <P'+138", "exc_info": "(None, None, None)", "func": "<built-in method run of _contextvars.Context object at 0x7fe474d5e340>", "kwargs": "{}", "loop": "<uvloop.Loop running=True closed=False debug=False>", "self": "<asgiref.sync.SyncToAsync object at 0x7fe473d58670>", "task_context": "[]"}, "name": "thread_handler"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django_prometheus/middleware.py", "lineno": 218, "locals": {"method": "'GET'", "request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>", "self": "<PrometheusAfterMiddleware get_response=BaseHandler._get_response_async>", "transport": "'http'"}, "name": "process_request"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/django_prometheus/middleware.py", "lineno": 213, "locals": {"labels": "{'method': 'GET'}", "metric": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)", "request": "<ASGIRequest: GET '/api/v3/core/brands/?page=1&page_size=100'>", "response": "None", "self": "<PrometheusAfterMiddleware get_response=BaseHandler._get_response_async>"}, "name": "label_metric"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/metrics.py", "lineno": 179, "locals": {"labelkwargs": "{'method': 'GET'}", "labelvalues": "('GET',)", "self": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)"}, "name": "labels"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/metrics.py", "lineno": 127, "locals": {"_labelvalues": "('GET',)", "documentation": "'Count of requests by method.'", "labelnames": "('method',)", "name": "'django_http_requests_total_by_method'", "namespace": "''", "registry": "<prometheus_client.registry.CollectorRegistry object at 0x7fe485797a10>", "self": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)", "subsystem": "''", "unit": "''"}, "name": "__init__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/metrics.py", "lineno": 282, "locals": {"self": "prometheus_client.metrics.Counter(django_http_requests_total_by_method)"}, "name": "_metric_init"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/values.py", "lineno": 68, "locals": {"help_text": "'Count of requests by method.'", "kwargs": "{}", "labelnames": "('method',)", "labelvalues": "('GET',)", "lock": "<unlocked _thread.lock object at 0x7fe473e8a090>", "metric_name": "'django_http_requests_total_by_method'", "multiprocess_mode": "''", "name": "'django_http_requests_total_by_method_total'", "self": "'<prometheus_client.values.MultiProcessValue.<locals>.MmapedValue object at 0x7fe'+10", "typ": "'counter'", "values": "'[<prometheus_client.values.MultiProcessValue.<locals>.MmapedValue object at 0x7f'+288"}, "name": "__init__"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/values.py", "lineno": 82, "locals": {"file_prefix": "'counter'", "filename": "'/dev/shm/counter_2.db'", "files": "{'gauge_all': <prometheus_client.mmap_dict.MmapedDict object at 0x7fe474cde8f0>}", "help_text": "'Count of requests by method.'", "labelnames": "('method',)", "labelvalues": "('GET',)", "metric_name": "'django_http_requests_total_by_method'", "multiprocess_mode": "''", "name": "'django_http_requests_total_by_method_total'", "pid": "{'value': 2}", "self": "'<prometheus_client.values.MultiProcessValue.<locals>.MmapedValue object at 0x7fe'+10", "typ": "'counter'"}, "name": "__reset"}, {"filename": "/ak-root/.venv/lib/python3.13/site-packages/prometheus_client/mmap_dict.py", "lineno": 64, "locals": {"filename": "'/dev/shm/counter_2.db'", "read_mode": "False", "self": "<prometheus_client.mmap_dict.MmapedDict object at 0x7fe47401f050>"}, "name": "__init__"}], "is_cause": false, "is_group": false, "syntax_error": null}], "level": "error", "logger": "django.request", "timestamp": "2025-08-26T17:00:52.863930"}
2025-08-26T13:00:52-04:00 [1:goauthentik1:goauthentik-app] {"error":"500 Internal Server Error","event":"failed to fetch page","level":"warning","logger":"authentik.router.brand_tls","page":1,"timestamp":"2025-08-26T17:00:52Z"}
2025-08-26T13:00:52-04:00 [1:goauthentik1:goauthentik-app] {"error":"500 Internal Server Error","event":"failed to get brands","level":"warning","logger":"authentik.router.brand_tls","timestamp":"2025-08-26T17:00:52Z"}